5 replies to this topic

[evasive]

I have a challenge. I see after launching pirana.exe form the installed folder under C:\Progrma Files it is spawning anohter pirana.exe process from the %TEMP%\<random_subfolder\<random_subfolder>

 

This is not acceptable for our IPS/security team. Is there a way to make that second process start from a defided folder? Otherwise the second process will be blocked by whatever anti-malware/anti-virus/anti-ransomware that is being used in the organization. So far this has not been an issue as we were running it virtualized in App-V. But now we have a system where it needs to be run physically installed and we run into this issue.

[Simon Davis]

Hi I spoke with with one of the developers and what he thinks is happening is that the pirana in "TEMP" is just the Perl interpreter running the pirana.pl script. Remember that (on Windows) Pirana is distributed as an executable. That executable is just a self-expanding zip-package, that includes the Pirana Perl scripts, the required Perl packages, and the Perl interpreter. When the user starts pirana.exe, it expands those things (probably in "TEMP"), and then starts the Perl interpreter to run the pirana.pl script. This is for example why the first time you start pirana.exe on Windows it takes 5-10 seconds longer, as it needs to decompress these files.

 

So he's not sure what to recommend. could your IT group add an exception for Pirana in the AV software? run Pirana from source?

 

If your IT group needs more help/information then let me know when they would be available, EU afternoon would most likely work best with the timezones.

 Simon.

Edited by Simon Davis, 21 August 2019 - 06:07 PM.

[evasive]

 

 

When the user starts pirana.exe, it expands those things (probably in "TEMP"), and then starts the Perl interpreter to run the pirana.pl script. 

 

So the question is, is there any control over where this extraction is done? If so I can ask the IT department to maken an exception for that folder, just as long as it is consistently unpacking in that folder.

[evasive]

as for running from source, I am hired to make this application land on windows client machines, if there's a description on how to make that happen I'm all ears.

[Keith Nieforth]

Hi,

 

This can be accomplished by setting the environment variables PAR_GLOBAL_TEMP and/or PAR_TEMP to a folder of your preference.

 

Please see this thread: https://www.perlmonks.org/?node_id=709846. This seems to do exactly what you want (we also use PAR::Packer to compile the Pirana executable on Windows).

 

Please note that you can't set the PAR_GLOBAL_TMP folder to the same folder as where you are running Pirana from (probably C:\Program Files x86), since that will probably overwrite pirana.exe. 

 

On a windows machine from the command line you can run:

 

set PAR_GLOBAL_TEMP=C:\test

pirana.exe

 

This will create the specified folder (if it doesn't exist yet), and run Pirana from that folder instead of from the TEMP folder. Of course you can also set the environment variables from the system settings window, and then run Pirana from a shortcut or start menu, it doesn’t have to be run from the console. 

 

Best Regards,

 

Keith

[evasive]

Keith,

 

This is EXACTLY what I needed.

 

THANK YOU! 

 

 

Best regards,

Edwin